Cybersecurity Program/Project Manager – Governance, Risk, & Compliance (GRC)

We are seeking an experienced Cybersecurity Program/Project Manager to lead and coordinate our Governance, Risk, and Compliance (GRC) shared service initiatives. This is a strategic role that requires both a deep understanding of cybersecurity risk management and expert-level program management skills. You will drive enterprise-wide GRC efforts and ensure the successful delivery of security compliance and risk programs aligned with industry frameworks and business objectives. Key Responsibilities: • Lead GRC program delivery across a shared services model, serving multiple internal business units and stakeholders. • Ensure compliance with regulatory and industry standards (e.g., NIST, ISO 27001, FedRAMP, HIPAA, SOC 2). • Manage and mature governance frameworks, security policies, control testing activities, and risk assessments. • Coordinate with cross-functional teams to remediate findings, track risk mitigation efforts, and report compliance posture. • Serve as the primary point of contact for cybersecurity audits, assessments, and executive updates. • Develop program plans, schedules, risk registers, and performance dashboards for leadership and oversight. • Promote continuous improvement of GRC processes, tooling, and documentation. Required Qualifications: • Bachelor’s degree in Cybersecurity, Information Systems, Business, or a related field. • Project Management Professional (PMP) certification, Masters, or equivalent • 5+ years of experience managing complex cybersecurity programs or projects. • 5+ years of experience leading GRC, risk, or compliance functions within an enterprise environment. • Strong working knowledge of security frameworks and standards such as NIST CSF, NIST 800-53, ISO 27001, and COBIT. • Experience with GRC tools (e.g., CSAM, Xacta, Archer, ServiceNow GRC, etc). • Excellent communication, stakeholder management, and executive reporting skills. Preferred Qualifications: • Additional certifications such as CISSP, CISM, CRISC, CGEIT. • Experience operating in a shared services model or large-scale enterprise environment. • Familiarity with cloud security compliance frameworks (FedRAMP, ISO 27017/18, AWS/GCP/Azure controls). Bonus Experience • Experience in converting wireframes and graphic designs into effective web interfaces. • Background in UX research, testing, and front-end graphic design. • Government or DOJ cybersecurity experience, particularly FISMA A&A accreditation. • Sense of Humor Why Join Us? • Take ownership of enterprise-level GRC initiatives that impact organizational security posture. • Work in a collaborative, growth-oriented cybersecurity team. • Enjoy a flexible, inclusive work environment with room for advancement. • Competitive salary, benefits, and professional development support. Benefits • 401K safe harbor plan with employer match, 10 paid holidays, 15 days of personal time off, health insurance, commuter benefits, tuition assistance, and more. Job Type: Full-time Schedule: • 8 hour shift • Monday to Friday Security clearance: • Secret (Required) Work Location: Remote Apply tot his job